Prevent an address violation parsing corrupt DWARF information by fixing the test...
authorNick Clifton <nickc@redhat.com>
Fri, 1 Sep 2017 10:20:51 +0000 (11:20 +0100)
committerNick Clifton <nickc@redhat.com>
Fri, 1 Sep 2017 10:20:51 +0000 (11:20 +0100)
PR 22059
* dwarf2.c (decode_line_info): Fix test for an overlong line info
structure.

bfd/ChangeLog
bfd/dwarf2.c

index e0dd88f..8c6e8b1 100644 (file)
@@ -1,5 +1,11 @@
 2017-09-01  Nick Clifton  <nickc@redhat.com>
 
+       PR 22059
+       * dwarf2.c (decode_line_info): Fix test for an overlong line info
+       structure.
+
+2017-09-01  Nick Clifton  <nickc@redhat.com>
+
        PR 22058
        * elf-attrs.c (_bfd_elf_parse_attributes): Ensure that the
        attribute buffer is NUL terminated.
index 40a187a..856c963 100644 (file)
@@ -2096,12 +2096,12 @@ decode_line_info (struct comp_unit *unit, struct dwarf2_debug *stash)
       offset_size = 8;
     }
 
-  if (lh.total_length > stash->dwarf_line_size)
+  if (unit->line_offset + lh.total_length > stash->dwarf_line_size)
     {
       _bfd_error_handler
        /* xgettext: c-format */
-       (_("Dwarf Error: Line info data is bigger (%#Lx) than the section (%#Lx)"),
-        lh.total_length, stash->dwarf_line_size);
+       (_("Dwarf Error: Line info data is bigger (%#Lx) than the space remaining in the section (%#Lx)"),
+        lh.total_length, stash->dwarf_line_size - unit->line_offset);
       bfd_set_error (bfd_error_bad_value);
       return NULL;
     }
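Review bot: The new bound in `if (unit->line_offset + lh.total_length > stash->dwarf_line_size)` is computed by addition, so a corrupt header with a very large `total_length` can wrap the sum and still pass the test, assuming both operands are unsigned and of comparable width (their declarations are outside the hunk). Comparing against the remaining space avoids the wrap: `if (unit->line_offset > stash->dwarf_line_size || lh.total_length > stash->dwarf_line_size - unit->line_offset)`. The same guard also protects the subtraction printed in the error message, which underflows if `line_offset` is already past the section end, unless an earlier check outside this hunk rules that out. `total_length` appears to count the bytes that follow the length field, which the parser has presumably already consumed here, so it is worth confirming whether the bound should be taken from the current read pointer rather than from `line_offset`. decode_line_info starts before the hunk and continues after it.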